peternewnham / react-html-parser

Converts HTML strings directly into React components and provides a simple way to modify and replace the content.
https://peternewnham.github.io/react-html-parser
MIT License
781 stars 103 forks

Possible XSS vulnerability #76

Open dawidkostrzewa opened 4 years ago

dawidkostrzewa commented 4 years ago

Edit: Contents removed until a fix is deployed

peternewnham commented 4 years ago

@dkostrzi Thanks for the report. I am currently working with the guys at Snyk to fix and document the issue in their database.

I have also removed the contents of your issue to try and reduce the amount of visibility this has until a fix is provided.